[MacPorts] #54963: Ports cannot set setuid bit
MacPorts
noreply at macports.org
Sun Oct 1 18:47:58 UTC 2017
#54963: Ports cannot set setuid bit
---------------------+------------------------
Reporter: danchr | Owner:
Type: defect | Status: new
Priority: Normal | Milestone:
Component: base | Version: 2.4.99
Resolution: | Keywords: highsierra
Port: |
---------------------+------------------------
Comment (by raimue):
I can get it to work if I grant the `file-write-setugid` permission
explicitly. I guess the default changed, but I have no idea how to
retrieve that to confirm it.
{{{
highsierra $ sandbox-exec -p '(version 1) (allow default) (allow file-
write-setugid)' files/test.sh
-rwsr-xr-x+ 1 raimue wheel 0 Oct 1 20:44 xxx
-rwsr-xr-x -> 104755
}}}
As a side note, it looks like Apple also killed the very useful tracing
ability with `sandbox-exec -p '(version 1) (deny default) (trace
"xxx.sb")' ...` that reports all actions that would were attempted while
still allowing all actions. This is the way I could debug this using
Sierra. No idea how something like that could be done on High Sierra
alone...
--
Ticket URL: <https://trac.macports.org/ticket/54963#comment:5>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list